package com.lg.atp.sercurity;


import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.core.Ordered;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;

public class SessionTimeoutFilter implements Filter,Ordered{
	private String sessionTimeoutUrl;
	
	public String getSessionTimeoutUrl() {
		return this.sessionTimeoutUrl;
	}

	public void setSessionTimeoutUrl(String sessionTimeoutUrl) {
		this.sessionTimeoutUrl = sessionTimeoutUrl;
	}

	public void doFilterHttp(HttpServletRequest request,
			HttpServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		if(isSessionExpired(request)){
		       processRequest(request, response);
		}else{
			chain.doFilter(request, response);
		}
	}

	protected String determineSessionTimeoutUrl(HttpServletRequest request) {
		return this.sessionTimeoutUrl != null ? this.sessionTimeoutUrl: "/index";
	}
	
	/**
	 * 判断session是否有效
	    * @Title: isSessionExpired
	    * @Description: (这里用一句话描述这个方法的作用)
	    * @param @param request
	    * @param @return    参数
	    * @return boolean    返回类型
	    * @throws
	 */
	protected boolean isSessionExpired(HttpServletRequest request) {
		PathMatcher matcher = new AntPathMatcher();  
		String servletUrl = request.getServletPath();
		if(matcher.match("/layui/**",servletUrl)||
				matcher.match("/css/**",servletUrl)||
				matcher.match("/jstree/**",servletUrl)||
				matcher.match("/js/**",servletUrl)||
				matcher.match("/images/**",servletUrl)||
				matcher.match("/wsServices/**",servletUrl))
			return false;
		return (request.getRequestedSessionId() != null
				&&!request.isRequestedSessionIdValid());
	}

	
	protected void processRequest(HttpServletRequest request,
			HttpServletResponse response) throws IOException {
		HttpSession session = request.getSession();
		session.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", new Exception("登录超时"));
		String targetUrl = determineSessionTimeoutUrl(request);
		targetUrl = request.getContextPath() + targetUrl;
		if (request.getHeader("x-requested-with") != null  
	                && request.getHeader("x-requested-with").equalsIgnoreCase(  "XMLHttpRequest")) { // ajax 超时处理  
			response.addHeader("sessionstatus", "timeOut"); //返回超时标识  
			response.addHeader("loginPath", targetUrl);// 返回url  
	        }
		else
		   response.sendRedirect(response.encodeRedirectURL(targetUrl));
	}
	
	public int getOrder() {
		return 0;
	}

	@Override
	public void destroy() {
		
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {

	    if (!(request instanceof HttpServletRequest)) {
	      throw new ServletException("Can only process HttpServletRequest");
	    }

	    if (!(response instanceof HttpServletResponse)) {
	      throw new ServletException("Can only process HttpServletResponse");
	    }

	    doFilterHttp((HttpServletRequest)request, (HttpServletResponse)response, chain);
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {
		
	}}

